My experience is that when it comes to computer security, there's two principles that apply. The first is risk value, and the second is making 100% secure.
Risk value basically states that you should never put more resources into security than the value of what you're securing. That's really the simplified version, as you also have to factor in various unknowns, such as figuring out the likelihood of a given attack versus the potential value of the damages that would be caused.
100% secure things do not exist. This is true for computers and it's true for every other security measure. If someone is utterly determined to break into your house, they will- no matter what you do. You can never make anything 100% secure, and you can never be 100% certain of that security.
Between the two of these ideas, you ultimately reach a point where you have to say that things are good enough- the risk is low enough, the value is not worth the additional time, and ultimately, there's no way to reach a point of complete safety. Even wiping the drive might not be enough- both because it can be evaded, and because that doesn't prevent you from being attacked again.
In the case of something like this, once you run several different programs by several different vendors, the likelihood of an infection remaining and being unseen is at best remote. Particularly if the computer is running without any sort of errors or other problems. And at that point, you accept it and move on.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
ninetydegrees
Re: compromised
on 2009-05-26 04:23 am (UTC)Risk value basically states that you should never put more resources into security than the value of what you're securing. That's really the simplified version, as you also have to factor in various unknowns, such as figuring out the likelihood of a given attack versus the potential value of the damages that would be caused.
100% secure things do not exist. This is true for computers and it's true for every other security measure. If someone is utterly determined to break into your house, they will- no matter what you do. You can never make anything 100% secure, and you can never be 100% certain of that security.
Between the two of these ideas, you ultimately reach a point where you have to say that things are good enough- the risk is low enough, the value is not worth the additional time, and ultimately, there's no way to reach a point of complete safety. Even wiping the drive might not be enough- both because it can be evaded, and because that doesn't prevent you from being attacked again.
In the case of something like this, once you run several different programs by several different vendors, the likelihood of an infection remaining and being unseen is at best remote. Particularly if the computer is running without any sort of errors or other problems. And at that point, you accept it and move on.